Facebook confesses: Buckle up, there's plenty more privacy lapses where that came from

It's a $460bn business with a free service… what did you think was going on?

Facebook has confirmed what many of us have known for years: Cambridge Analytica was far from the only organization engaging in the wholesale hoarding of netizens' personal data via the social network.

The Silicon Valley giant told America's financial watchdog, the SEC, on Thursday that it will probably reveal additional data-harvesting operations as it continues probing how outside developers accessed its website and what information they siphoned off in bulk.

Don't forget, Facebook was more than happy to let third-party apps and tools connect to its services and extract people's personal information, provided punters clicked through user agreements they never had time to read. Now after years of letting companies chug from its firehose, Facebook is shocked – shocked – to discover that shady outfits were amassing folks' info via these APIs.

Cambridge Anal. got hold of 87 million people's profile records via a quiz app that poked around on the social network. Many other games and distractions will have done similar.

"As a result of these efforts we anticipate that we will discover and announce additional incidents of misuse of user data or other undesirable activity by third parties. We may also be notified of such incidents or activity via the media or other third parties," Facebook officials told the SEC.

"Such incidents and activities may include the use of user data in a manner inconsistent with our terms or policies, the existence of false or undesirable user accounts, election interference, improper ad purchases, activities that threaten people’s safety on- or offline, or instances of spamming, scraping, or spreading misinformation."

Facebook Wow Sad Angry

Facebook's inflection point: Now everyone knows this greedy mass surveillance operation for what it is


The admission was part of the list of risk factors Facebook has to disclose, as a public US company, to the regulator as part of its quarterly earnings reports. The social network noted that it already faces multiple class-action lawsuits as a result of the data collection, and losing even one of those cases could have an impact on its bottom line.

"There can be no assurances that a favorable final outcome will be obtained in all our cases, and defending any lawsuit is costly and can impose a significant burden on management and employees," Facebook stated.

"Any litigation to which we are a party may result in an onerous or unfavorable judgment that may not be reversed upon appeal or in payments of substantial monetary damages or fines, or we may decide to settle lawsuits on similarly unfavorable terms, which could adversely affect our business, financial conditions, or results of operations."

Don't feel too bad for CEO Mark Zuckerberg and co. Despite facing a reckoning over how they have been handling user information for the last decade, Facebook still managed to make roughly $12bn and revenues and $5bn in net income over the past three months. Facebook's market cap, despite taking a hit in the last few weeks, still sits at around $460bn.

Down to brass tacks

Cambridge Anal.'s slurping of personal information hit the headlines because it involved the 2016 US presidential election. Rather than admit it helped put Donald Trump in the White House by endlessly broadcasting and writing up his rallies and speeches, American media went bananas over the suggestion that Facebook – via Cambridge Analytica as well as Russian trolls – played a role in helping folks manipulate voters to swing it for the real-state baron. Finally, someone else to blame.

But Cambridge Analytica wasn't a one-off case, and now Facebook pretty much acknowledges that.

The bottom line is, once the congressional testimony is long forgotten, and the apology tours have wrapped up, Facebook will continue to look to make a buck off any data its addicts hand over to it. That has been for years, and will continue to be for the foreseeable future, an incredibly profitable business model. ®

Other stories you might like

  • 381,000-plus Kubernetes API servers 'exposed to internet'
    Firewall isn't a made-up word from the Hackers movie, people

    A large number of servers running the Kubernetes API have been left exposed to the internet, which is not great: they're potentially vulnerable to abuse.

    Nonprofit security organization The Shadowserver Foundation recently scanned 454,729 systems hosting the popular open-source platform for managing and orchestrating containers, finding that more than 381,645 – or about 84 percent – are accessible via the internet to varying degrees thus providing a cracked door into a corporate network.

    "While this does not mean that these instances are fully open or vulnerable to an attack, it is likely that this level of access was not intended and these instances are an unnecessarily exposed attack surface," Shadowserver's team stressed in a write-up. "They also allow for information leakage on version and build."

    Continue reading
  • A peek into Gigabyte's GPU Arm for AI, HPC shops
    High-performance platform choices are going beyond the ubiquitous x86 standard

    Arm-based servers continue to gain momentum with Gigabyte Technology introducing a system based on Ampere's Altra processors paired with Nvidia A100 GPUs, aimed at demanding workloads such as AI training and high-performance compute (HPC) applications.

    The G492-PD0 runs either an Ampere Altra or Altra Max processor, the latter delivering 128 64-bit cores that are compatible with the Armv8.2 architecture.

    It supports 16 DDR4 DIMM slots, which would be enough space for up to 4TB of memory if all slots were filled with 256GB memory modules. The chassis also has space for no fewer than eight Nvidia A100 GPUs, which would make for a costly but very powerful system for those workloads that benefit from GPU acceleration.

    Continue reading
  • GitLab version 15 goes big on visibility and observability
    GitOps fans can take a spin on the free tier for pull-based deployment

    One-stop DevOps shop GitLab has announced version 15 of its platform, hot on the heels of pull-based GitOps turning up on the platform's free tier.

    Version 15.0 marks the arrival of GitLab's next major iteration and attention this time around has turned to visibility and observability – hardly surprising considering the acquisition of OpsTrace as 2021 drew to a close, as well as workflow automation, security and compliance.

    GitLab puts out monthly releases –  hitting 15.1 on June 22 –  and we spoke to the company's senior director of Product, Kenny Johnston, at the recent Kubecon EU event, about what will be added to version 15 as time goes by. During a chat with the company's senior director of Product, Kenny Johnston, at the recent Kubecon EU event, The Register was told that this was more where dollars were being invested into the product.

    Continue reading

Biting the hand that feeds IT © 1998–2022